
CERT-In released a high-priority advisory warning of active cyber-attack campaigns targeting Indian websites and ICT infrastructure. The advisory outlines essential mitigation strategies against web intrusions, DoS/DDoS attacks, and malware threats.
Web Intrusion Prevention: Organizations should update all software, conduct regular security audits, validate user inputs, deploy Web Application Firewalls (WAF), monitor server logs, scan for malicious files, and use file integrity monitoring tools.
DoS/DDoS Defense: To safeguard critical services, entities are advised to monitor network traffic, install intrusion and DDoS prevention systems, analyze logs, block attack sources, implement traffic filtering, and coordinate with Internet Service Providers.
Malware Protection: CERT-In urges the blocking of malicious domains, timely software updates, disabling of PowerShell/macros where unnecessary, DNS activity monitoring, deployment of web and email filters, use of strong password policies, firewall activation, and restriction of external media.
Infrastructure Security: Organizations must secure databases, enforce regular password resets, install WAFs, conduct activity monitoring, back up critical systems, and perform frequent security assessments.
CERT-In emphasizes immediate compliance with these measures and calls on all entities to actively monitor their infrastructure and report any incidents without delay.